Presented at
BSidesLV 2017,
July 25, 2017, 6:30 p.m.
(25 minutes).
SniffAir is an open-source wireless security framework. Its primary purpose is to provide pentesters, systems admins, or others eager about wireless security a way to collect, manage, and analyze wireless traffic. SniffAir was born out of the hassle of managing large or multiple pcap files while thoroughly cross-examining and analyzing the traffic, looking for potential security flaws or malicious traffic.
We created SniffAir to collect all the traffic broadcasted, grouping them by Client or Access Point. SniffAir can be instructed to parse the information based on rules created by the user. These rules help define the scope. Using these rules, SniffAir moves the in-scope data to a new set of tables, allowing the framework to compare against the original table for anomalies. The user can then perform queries, which display the information required in a clear and concise manner - perfect for facilitating attacks.
Presenters:
-
Matthew Eidelberg
- Security Consultant - Optiv
Matthew Eidelberg is a husband, father, and security fanatic. Matthew currently works as a Security Consultant on Optiv's Attack and Penetration team. He has a passion for wireless, malware, red teaming and spends his free time taking things apart. @Tyl0us on Twitter
-
Steven Darracott
- Security Consultant - Optiv
Steven is currently employed by Optiv Security Inc. as a Security Consultant on the Attack and Penetration team where he performs numerous wireless security assessments annually.
Links:
Similar Presentations: